Apache SSL Library Error 218529960

If your Apache2 server fails to start after installing SSL (recommended guides are here and here), and get an error in your logs (probably at /var/log/apache2/error.log on Ubuntu) such as

SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag 
SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error

be sure you have the correct "tags" in your certificate file: It should start with (if PEM-encoded)

-----BEGIN CERTIFICATE-----

and end with

-----END CERTIFICATE-----

including all hyphens (five on each side). The leading hyphens might get eaten when you cut and paste to your server from your local machine.

#

NK: Thanks! This article saved me from some real pain! :)

Anurag: This saved me hours hair splitting. Thanks a ton.

Jeremy: Worth mentioning that Apache does not seem to like windows linebreaks, so make sure to check the .crt and convert any \r\n into \n. This had me stumped for a few minutes today after I pasted directly from my CA's website in to my SSH session from Windows.

Posted: 28 September 2010

comments powered by Disqus